Connect Windows hosts to Microsoft Sentinel
One of the most common logs to collect is Windows security events. Learn how Microsoft Sentinel makes this easy with the Security Events connector.
Security Operations Analyst
Azure
Sysinternals
Policy
Microsoft Sentinel
Windows Security
Module Objectives
Upon completion of this module, the learner will be able to:
- Connect Azure Windows Virtual Machines to Microsoft Sentinel
- Connect non-Azure Windows hosts to Microsoft Sentinel
- Configure the Log Analytics agent to collect Sysmon events
Units
Prerequisites
Basic knowledge of operational concepts such as monitoring, logging, and alerting.